kind: Deployment
apiVersion: apps/v1
metadata:
  name: csi-gce-pd-controller
  namespace: kube-system
spec:
  replicas: {{ gcp_pd_csi_controller_replicas }}
  selector:
    matchLabels:
      app: gcp-compute-persistent-disk-csi-driver
  template:
    metadata:
      labels:
        app: gcp-compute-persistent-disk-csi-driver
    spec:
      # Host network must be used for interaction with Workload Identity in GKE
      # since it replaces GCE Metadata Server with GKE Metadata Server. Remove
      # this requirement when issue is resolved and before any exposure of
      # metrics ports
      hostNetwork: true
      nodeSelector:
        kubernetes.io/os: linux
      serviceAccountName: csi-gce-pd-controller-sa
      priorityClassName: csi-gce-pd-controller
      containers:
        - name: csi-provisioner
          image: {{ csi_provisioner_image_repo }}:{{ csi_provisioner_image_tag }}
          args:
            - "--v=5"
            - "--csi-address=/csi/csi.sock"
            - "--feature-gates=Topology=true"
            - "--http-endpoint=:22011"
            - "--leader-election-namespace=$(PDCSI_NAMESPACE)"
            - "--timeout=250s"
            - "--extra-create-metadata"
          # - "--run-controller-service=false"  # disable the controller service of the CSI driver
          # - "--run-node-service=false"        # disable the node service of the CSI driver
            - "--leader-election"
            - "--default-fstype=ext4"
            - "--controller-publish-readonly=true"
          env:
            - name: PDCSI_NAMESPACE
              valueFrom:
                fieldRef:
                  fieldPath: metadata.namespace
          ports:
            - containerPort: 22011
              name: http-endpoint
              protocol: TCP
          livenessProbe:
            failureThreshold: 1
            httpGet:
              path: /healthz/leader-election
              port: http-endpoint
            initialDelaySeconds: 10
            timeoutSeconds: 10
            periodSeconds: 20
          volumeMounts:
            - name: socket-dir
              mountPath: /csi
        - name: csi-attacher
          image: {{ csi_attacher_image_repo }}:{{ csi_attacher_image_tag }}
          args:
            - "--v=5"
            - "--csi-address=/csi/csi.sock"
            - "--http-endpoint=:22012"
            - "--leader-election"
            - "--leader-election-namespace=$(PDCSI_NAMESPACE)"
            - "--timeout=250s"
          env:
            - name: PDCSI_NAMESPACE
              valueFrom:
                fieldRef:
                  fieldPath: metadata.namespace
          ports:
            - containerPort: 22012
              name: http-endpoint
              protocol: TCP
          livenessProbe:
            failureThreshold: 1
            httpGet:
              path: /healthz/leader-election
              port: http-endpoint
            initialDelaySeconds: 10
            timeoutSeconds: 10
            periodSeconds: 20
          volumeMounts:
            - name: socket-dir
              mountPath: /csi
        - name: csi-resizer
          image: {{ csi_resizer_image_repo }}:{{ csi_resizer_image_tag }}
          args:
            - "--v=5"
            - "--csi-address=/csi/csi.sock"
            - "--http-endpoint=:22013"
            - "--leader-election"
            - "--leader-election-namespace=$(PDCSI_NAMESPACE)"
            - "--handle-volume-inuse-error=false"
          env:
            - name: PDCSI_NAMESPACE
              valueFrom:
                fieldRef:
                  fieldPath: metadata.namespace
          ports:
            - containerPort: 22013
              name: http-endpoint
              protocol: TCP
          livenessProbe:
            failureThreshold: 1
            httpGet:
              path: /healthz/leader-election
              port: http-endpoint
            initialDelaySeconds: 10
            timeoutSeconds: 10
            periodSeconds: 20
          volumeMounts:
            - name: socket-dir
              mountPath: /csi
        - name: csi-snapshotter
          image: {{ csi_snapshotter_image_repo }}:{{ csi_snapshotter_image_tag }}
          args:
            - "--v=5"
            - "--csi-address=/csi/csi.sock"
            - "--metrics-address=:22014"
            - "--leader-election"
            - "--leader-election-namespace=$(PDCSI_NAMESPACE)"
            - "--timeout=300s"
          env:
            - name: PDCSI_NAMESPACE
              valueFrom:
                fieldRef:
                  fieldPath: metadata.namespace
          volumeMounts:
            - name: socket-dir
              mountPath: /csi
        - name: gce-pd-driver
          # Don't change base image without changing pdImagePlaceholder in
          # test/k8s-integration/main.go
          image: {{ gcp_pd_csi_plugin_image_repo }}:{{ gcp_pd_csi_plugin_image_tag }}
          args:
            - "--v=5"
            - "--endpoint=unix:/csi/csi.sock"
          env:
            - name: GOOGLE_APPLICATION_CREDENTIALS
              value: "/etc/cloud-sa/cloud-sa.json"
          volumeMounts:
            - name: socket-dir
              mountPath: /csi
            - name: cloud-sa-volume
              readOnly: true
              mountPath: "/etc/cloud-sa"
      volumes:
        - name: socket-dir
          emptyDir: {}
        - name: cloud-sa-volume
          secret:
            secretName: cloud-sa
---
apiVersion: storage.k8s.io/v1
kind: CSIDriver
metadata:
  name: pd.csi.storage.gke.io
spec:
  attachRequired: true
  podInfoOnMount: false